From: Bernd Edlinger <bernd.edlinger@hotmail.de>
Date: Tue, 23 Oct 2018 14:30:20 +0000 (+0200)
Subject: Fix a possible crash in rand_drbg_get_entropy
X-Git-Tag: openssl-3.0.0-alpha1~3016
X-Git-Url: https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff_plain;h=21311777ad8b8c2f2fb8eb7a4f9618ceae1e043d

Fix a possible crash in rand_drbg_get_entropy

Reviewed-by: Paul Yang <yang.yang@baishancloud.com>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/7474)
---

diff --git a/crypto/rand/rand_lib.c b/crypto/rand/rand_lib.c
index e6fcbce7fd..29d93a829b 100644
--- a/crypto/rand/rand_lib.c
+++ b/crypto/rand/rand_lib.c
@@ -151,6 +151,8 @@ size_t rand_drbg_get_entropy(RAND_DRBG *drbg,
         pool->entropy_requested = entropy;
     } else {
         pool = rand_pool_new(entropy, min_len, max_len);
+        if (pool == NULL)
+            return 0;
     }
 
     if (drbg->parent) {